Learn Malware Analysis: Explore the Concepts, Tools and Techniques to Analyse and Investigate Malware by Abdul Rauf Khan
Author: Abdul Rauf Khan
Language: eng
Format: epub
Published: 2020-07-02T16:00:00+00:00
Chapter 3.14 Malware Analysis Tools
So, taking a very quick look at some malware analysis tools. Again, digging deep into this is beyond the scope of this book, but I just want to give you a quick bit of information about some of the tools that are out there.
This one happens to be IDA Pro, a commercial application, but there is a wide variety of tools; that's first and foremost. So your specific tool of choice may be different from the next person's, the next company's, and so forth.
There are commercial applications, which obviously have a dollar amount attached to them. There are also open-source and free applications, ones that are more community-driven and so forth. You can use a combination of commercially available software and open-source tools and piece together your own toolset. Again, what an examiner uses is a lot of the time a matter of personal preference.
It really just depends upon what you're comfortable with and what you're accustomed to using. So what you see here is IDA Pro, and as an example, it can take a piece of malware, deconstruct it, and show you a step-by-step trace through its execution: every single piece of code, what it calls and what it does, whether it writes registry keys, drops files, reaches out and calls some external resource, and so forth.
So it allows you to go through that process and identify what's going on within that piece of malware. But as you might guess, no matter which method you choose, commercial, open-source, or a combination thereof, training is required to become proficient.
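As an added example (not from the book, and not an IDA Pro feature), the script below does the much cruder static first pass an analyst runs before opening a disassembler: it pulls ASCII and UTF-16LE strings out of a sample and sorts them into the same buckets the text mentions, registry keys, dropped-file paths, external resources, and Windows API names. The sample bytes, the bucket names and the classification patterns are all constructed for illustration; a packed or obfuscated sample would show none of these strings, which is exactly where a disassembler and a debugger earn their keep.

```python
import re

# Constructed stand-in for a malware sample (NOT real malware): junk bytes mixed
# with ASCII and UTF-16LE strings, as a real PE file would contain.
SAMPLE = (
    b"\x00\x01MZ\x90\x00" + b"\xff" * 8
    + b"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\x00"
    + b"\x13\x37"
    + "C:\\Users\\Public\\svc_update.exe".encode("utf-16-le") + b"\x00\x00"
    + b"http://example.invalid/gate.php\x00"
    + b"kernel32.dll\x00CreateFileW\x00RegSetValueExW\x00InternetOpenUrlA\x00"
    + b"\x00\x7f\x80"
)

# Printable runs of at least 6 chars, narrow (ASCII) and wide (UTF-16LE).
ASCII_RE = re.compile(rb"[\x20-\x7e]{6,}")
WIDE_RE = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")

# Constructed heuristics; order matters, the first match wins.
CATEGORIES = {
    "registry": re.compile(r"^(HKEY_|HKLM|HKCU|SOFTWARE\\|SYSTEM\\)", re.I),
    "file_path": re.compile(r"^[A-Za-z]:\\|^%[A-Za-z]+%\\"),
    "network": re.compile(r"^(https?|ftp)://", re.I),
    "api": re.compile(r"^(Create|Reg|Internet|WinHttp|Write|Virtual|Shell)[A-Za-z]+$"),
}


def extract_strings(data: bytes):
    """Return narrow and wide printable strings in file-offset order."""
    hits = [(m.start(), m.group().decode("ascii")) for m in ASCII_RE.finditer(data)]
    hits += [(m.start(), m.group().decode("utf-16-le")) for m in WIDE_RE.finditer(data)]
    return [s for _, s in sorted(hits)]


def triage(data: bytes):
    """Bucket every extracted string by the first matching category, else 'other'."""
    report = {name: [] for name in CATEGORIES}
    report["other"] = []
    for s in extract_strings(data):
        bucket = next((n for n, p in CATEGORIES.items() if p.search(s)), "other")
        report[bucket].append(s)
    return report


if __name__ == "__main__":
    for bucket, items in triage(SAMPLE).items():
        print(f"{bucket:10s} {items}")
```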
These applications are not easy. Deconstructing malware is not a light-hearted task; it takes highly skilled people to combat it effectively, so constant training is key. As a manager or an executive in a company, you need to make sure you have the mind-set that we're going to invest in our people.
We're going to invest in training, making sure they stay up to speed and have the latest and greatest toolsets to get the job done. Believe me, it will end up paying dividends if and when a malware infection occurs, or could have occurred, just in the amount of time, effort, labour, and perhaps public opinion, investor confidence, consumer confidence, and so forth that it can save a company.
We've all heard about the large commercial retailer breaches that have had millions of consumer credit cards stolen, or various credentials, names, addresses, IP addresses, email addresses, the salted hashes of their passwords, and so forth.
It could be in the tens of millions or even hundreds of millions of consumers. So that really can put a ding, as you can imagine, in consumer confidence for that company or organization.
So having highly skilled people who cut that off at the beginning will go a long way towards saving a lot of money, time, and effort on the back end.